CISOs and SEC: Navigating Cybersecurity Changes

Latest Quick Answer from Gartner®

SEC Rule Amendments: What to Do & Not Do

Learn how CISOs can navigate the SEC's rule amendments on incident reporting and cybersecurity governance. Key recommendations include updating security incident response processes, assessing and managing material risks, documenting the use of third-party providers, and establishing a formal governance structure. Discover how to assemble the necessary data for materiality assessments and enhance incident response governance. Ensure timely reporting and provide updates on risk management processes while maintaining cybersecurity posture confidentiality. Define clear governance structures and allocate responsibilities with the help of a RACI chart. Gain insights to comply effectively and bolster your organization's cybersecurity program.

Gartner, Quick Answer: New SEC Cybersecurity Rules — What CISOs Should and Shouldn’t Do, Andrew Walls, Lisa Neubauer, et al., 28 August 2023

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.